CVE-2011-3691

Name of the Vulnerable Software and Affected Versions Foxit Reader versions prior to 5.0.2.0718

Description The issue allows local users to gain privileges via a Trojan horse dwmapi.dll, dwrite.dll, or msdrm.dll in the current working directory. It can also be exploited to cause a heap-based buffer overflow via an overly long string passed in the strFilePath parameter of the OpenFile() method in the FoxitReaderOCX ActiveX control. Additionally, the application loads libraries in an insecure manner, which can be exploited to load arbitrary libraries by tricking a user into opening a PDF file located on a remote WebDAV or SMB share, allowing execution of arbitrary code.

Recommendations For versions prior to 5.0.2.0718, update to version 5.0.2.0718 or later to resolve the issue. As a temporary workaround, consider restricting access to the FoxitReaderOCX ActiveX control and avoid opening PDF files from untrusted sources, especially those located on remote WebDAV or SMB shares.